Remote control of your mobile phone

Remote control of your mobile phone
The AVL mobile security team recently discovered a method to steal user privacy by using the lightweight web Server jetty. by visiting a specific url in a browser, you can obtain user privacy information.

Working Method:

After setting the jetty server on the target mobile phone, you can request a specific URL through a browser to obtain resources on the target mobile phone, including privacy information.

The architecture is as follows:

Url path for retrieving user privacy information:

After the trojan turns the target mobile phone into a server, it uses a url request to obtain any resources on the mobile phone, resulting in user privacy leakage. This method is more unique and concealed.
 

The AVL mobile team recently discovered a remote control spyware program that uses Androidpn push commands. The program disguised as a system application and induces users to activate the Device Manager, upload private information such as call records, call recordings, Environment recordings, contacts, text message boxes, and geographic locations based on the commands obtained by the push, you can also modify text message box content, send private text messages, intercept text messages, Block incoming calls, and perform other operations to steal user privacy and affect the normal experience of mobile phones.

Android push notification principle (derived from the Androidpn Interface ):

Push messages to the user's mobile client (from the Androidpn Interface ):

Log on to the xmpp server and obtain the message command (from the Androidpn Interface ):

Remote control module process:

In addition, the app can receive commands and modify and replace the content in the text box without authorization ..

This sample uses a rare Androidpn push method to obtain instructions, which is relatively more concealed. In addition, multiple types of private information are stolen, especially the function of modifying text message boxes. Users can download and install AVL Pro to detect and kill such Trojans. AVL Pro provides real-time protection to help you get rid of viruses and create a good mobile phone environment.